package com.itita.ww2.utils;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
//import org.apache.http.impl.nio.client.CloseableHttpAsyncClient;
//import org.apache.http.impl.nio.client.HttpAsyncClients;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.SSLContextBuilder;

import okhttp3.OkHttpClient;

public class HttpUtil {

	/**
	 * Get CloseableHttpClient that ignore all-certificate (https)
	 * @return CloseableHttpClient
	 * @author Lan
	 */
	public static CloseableHttpClient getHttpClientNoop() {
		SSLContext sslContext = null;
		// 设置客户端信任
		try {
			SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
			sslContextBuilder.loadTrustMaterial(null, new TrustStrategy() {
				@Override
				public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
					return true;
				}
			});
			sslContext = sslContextBuilder.build();
		} catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
			e.printStackTrace();
		}

		// 设置允许所有签名(包括网站自签名)
		// SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext,
		//		new NoopHostnameVerifier());

		// Build - Registry
		//		RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.create();
		//
		//		registryBuilder.register("http", PlainConnectionSocketFactory.getSocketFactory());
		//		registryBuilder.register("https", new MyConnectionSocketFactory(sslContext));
		//		// registry
		//		Registry<ConnectionSocketFactory> registry = registryBuilder.build();
		//
		//		// HttpClientConnectionManager
		//		PoolingHttpClientConnectionManager manager = new PoolingHttpClientConnectionManager(registry);

		// CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sslContext).setConnectionManager(manager).build();
		//		CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sslContext)
		//				.setSSLHostnameVerifier(new NoopHostnameVerifier()).setConnectionManager(manager).build();
		CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sslContext)
				.setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
		return httpClient;
	}

	static class MyConnectionSocketFactory extends SSLConnectionSocketFactory {

		public MyConnectionSocketFactory(final SSLContext sslContext) {
			super(sslContext);
		}

		@Override
		public Socket createSocket(HttpContext context) throws IOException {
			InetSocketAddress socksaddr = (InetSocketAddress) context.getAttribute("socks.address");
			Proxy proxy = new Proxy(Proxy.Type.SOCKS, socksaddr);
			return new Socket(proxy);
		}
	}

//	public static CloseableHttpAsyncClient getHttpAsyncClientNoop() {
//		SSLContext sslContext = null;
//		// 设置客户端信任
//		try {
//			SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
//			sslContextBuilder.loadTrustMaterial(null, new TrustStrategy() {
//				@Override
//				public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
//					return true;
//				}
//			});
//			sslContext = sslContextBuilder.build();
//		} catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
//			e.printStackTrace();
//		}
//
//		// 设置允许所有签名(包括网站自签名)
//		CloseableHttpAsyncClient httpClient = HttpAsyncClients.custom().setSSLContext(sslContext)
//				.setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
//
//		return httpClient;
//	}

	public static OkHttpClient getUnsafeOkHttpClient() {
		try {
			final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
				@Override
				public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)
						throws CertificateException {
				}

				@Override
				public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType)
						throws CertificateException {
				}

				@Override
				public java.security.cert.X509Certificate[] getAcceptedIssuers() {
					return null;
				}
			} };

			// Install the all-trusting trust manager
			final SSLContext sslContext = SSLContext.getInstance("SSL");
			sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
			// Create an ssl socket factory with our all-trusting manager
			final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

			OkHttpClient ret = new OkHttpClient.Builder().sslSocketFactory(sslSocketFactory)
					.hostnameVerifier(new HostnameVerifier() {

						@Override
						public boolean verify(String hostname, SSLSession session) {
							return true;
						}
					}).build();
			return ret;
		} catch (Exception e) {
			e.printStackTrace();
			return new OkHttpClient();
		}
	}
}
